kcenon::pacs::security::atna_service_auditor Class Reference

High-level facade for emitting ATNA audit events from DICOM services. More...

#include <atna_service_auditor.h>

Collaboration diagram for kcenon::pacs::security::atna_service_auditor:

Public Member Functions
	atna_service_auditor (const syslog_transport_config &config, std::string audit_source_id)
	Construct an auditor with syslog transport configuration.
	~atna_service_auditor ()=default
	atna_service_auditor (const atna_service_auditor &)=delete
atna_service_auditor &	operator= (const atna_service_auditor &)=delete
	atna_service_auditor (atna_service_auditor &&) noexcept
atna_service_auditor &	operator= (atna_service_auditor &&) noexcept
void	audit_instance_stored (const std::string &source_ae, const std::string &dest_ae, const std::string &study_uid, const std::string &patient_id, bool success)
	Audit a C-STORE (DICOM Instances Transferred) event.
void	audit_query (const std::string &calling_ae, const std::string &called_ae, const std::string &query_level, bool success)
	Audit a C-FIND (Query) event.
void	audit_authentication (const std::string &user_id, bool is_login, bool success)
	Audit a User Authentication event.
void	audit_security_alert (const std::string &user_id, const std::string &alert_description)
	Audit a Security Alert event (e.g., access denied)
void	set_enabled (bool enabled) noexcept
	Enable or disable audit event emission.
bool	is_enabled () const noexcept
	Check if audit event emission is enabled.
size_t	events_sent () const noexcept
	Get the number of audit events successfully sent.
size_t	events_failed () const noexcept
	Get the number of audit event send failures.
void	reset_statistics () noexcept
	Reset statistics counters.
const std::string &	audit_source_id () const noexcept
	Get the audit source identifier.
const atna_syslog_transport &	transport () const noexcept
	Get the underlying transport (for advanced use)

Private Member Functions
void	send_audit (const atna_audit_message &message)
	Send an audit message via syslog transport.

Private Attributes
std::string	audit_source_id_
	Audit source identifier (e.g., "PACS_SYSTEM_01")
atna_syslog_transport	transport_
	Syslog transport for sending audit messages.
std::atomic< bool >	enabled_ {true}
	Whether audit is enabled.
std::atomic< size_t >	events_sent_ {0}
	Statistics.
std::atomic< size_t >	events_failed_ {0}

Detailed Description

High-level facade for emitting ATNA audit events from DICOM services.

Combines the audit message generator (atna_audit_logger) with the syslog transport (atna_syslog_transport) to provide simple, one-call audit methods for common DICOM operations.

Usage

syslog_transport_config config;
config.host = "audit-server.hospital.local";
config.port = 6514;
config.protocol = syslog_transport_protocol::tls;
 
atna_service_auditor auditor(config, "PACS_SYSTEM_01");
 
// After a C-STORE operation:
auditor.audit_instance_stored("MODALITY_01", "PACS_SCP",
    "1.2.3.4.5", "PAT001", true);
 
// After a C-FIND operation:
auditor.audit_query("WORKSTATION_01", "PACS_SCP",
    "STUDY", true);

Definition at line 52 of file atna_service_auditor.h.

Constructor & Destructor Documentation

atna_service_auditor() [1/3]

kcenon::pacs::security::atna_service_auditor::atna_service_auditor	(	const syslog_transport_config &	config,
		std::string	audit_source_id )

Construct an auditor with syslog transport configuration.

Parameters

config	Syslog transport configuration
audit_source_id	Identifier for this audit source (e.g., "PACS_01")

Definition at line 14 of file atna_service_auditor.cpp.

    : audit_source_id_(std::move(audit_source_id)),
      transport_(config) {}

~atna_service_auditor()

kcenon::pacs::security::atna_service_auditor::~atna_service_auditor ( )

default

atna_service_auditor() [2/3]

kcenon::pacs::security::atna_service_auditor::atna_service_auditor ( const atna_service_auditor & )

delete

atna_service_auditor() [3/3]

kcenon::pacs::security::atna_service_auditor::atna_service_auditor ( atna_service_auditor && other )

noexcept

Definition at line 20 of file atna_service_auditor.cpp.

    : audit_source_id_(std::move(other.audit_source_id_)),
      transport_(std::move(other.transport_)),
      enabled_(other.enabled_.load(std::memory_order_relaxed)),
      events_sent_(other.events_sent_.load(std::memory_order_relaxed)),
      events_failed_(other.events_failed_.load(std::memory_order_relaxed)) {}

Member Function Documentation

audit_authentication()

void kcenon::pacs::security::atna_service_auditor::audit_authentication	(	const std::string &	user_id,
		bool	is_login,
		bool	success )

Audit a User Authentication event.

Parameters

user_id	User identifier (AE title or username)
is_login	true for login, false for logout
success	Whether the authentication succeeded

Definition at line 101 of file atna_service_auditor.cpp.

                  {
 
    if (!enabled_.load(std::memory_order_relaxed)) {
        return;
    }
 
    auto outcome = success ? atna_event_outcome::success
                           : atna_event_outcome::serious_failure;
 
    auto msg = atna_audit_logger::build_user_authentication(
        audit_source_id_,
        user_id,
        "",           // user IP (not available at this level)
        is_login,
        outcome);
 
    send_audit(msg);
}

References audit_source_id_, kcenon::pacs::security::atna_audit_logger::build_user_authentication(), enabled_, send_audit(), kcenon::pacs::security::serious_failure, and kcenon::pacs::security::success.

Here is the call graph for this function:

audit_instance_stored()

void kcenon::pacs::security::atna_service_auditor::audit_instance_stored	(	const std::string &	source_ae,
		const std::string &	dest_ae,
		const std::string &	study_uid,
		const std::string &	patient_id,
		bool	success )

Audit a C-STORE (DICOM Instances Transferred) event.

Parameters

source_ae	Calling AE title (sender)
dest_ae	Called AE title (receiver)
study_uid	Study Instance UID
patient_id	Patient ID (optional, empty if unavailable)
success	Whether the operation succeeded

Definition at line 48 of file atna_service_auditor.cpp.

                  {
 
    if (!enabled_.load(std::memory_order_relaxed)) {
        return;
    }
 
    auto outcome = success ? atna_event_outcome::success
                           : atna_event_outcome::serious_failure;
 
    auto msg = atna_audit_logger::build_dicom_instances_transferred(
        audit_source_id_,
        source_ae,    // source AE
        "",           // source IP (not available at service level)
        dest_ae,      // destination AE
        "",           // destination IP (not available at service level)
        study_uid,
        patient_id,
        true,         // is_import (SCP receiving)
        outcome);
 
    send_audit(msg);
}

References audit_source_id_, kcenon::pacs::security::atna_audit_logger::build_dicom_instances_transferred(), enabled_, send_audit(), kcenon::pacs::security::serious_failure, and kcenon::pacs::security::success.

Referenced by kcenon::pacs::services::storage_scp::handle_message().

Here is the call graph for this function:

Here is the caller graph for this function:

audit_query()

void kcenon::pacs::security::atna_service_auditor::audit_query	(	const std::string &	calling_ae,
		const std::string &	called_ae,
		const std::string &	query_level,
		bool	success )

Audit a C-FIND (Query) event.

Parameters

calling_ae	Calling AE title (query requester)
called_ae	Called AE title (query responder)
query_level	Query level string (PATIENT/STUDY/SERIES/IMAGE)
success	Whether the operation succeeded

Definition at line 76 of file atna_service_auditor.cpp.

                  {
 
    if (!enabled_.load(std::memory_order_relaxed)) {
        return;
    }
 
    auto outcome = success ? atna_event_outcome::success
                           : atna_event_outcome::serious_failure;
 
    // Use query level as query_data for the audit trail
    auto msg = atna_audit_logger::build_query(
        audit_source_id_,
        calling_ae,
        "",           // user IP (not available at service level)
        "QueryLevel=" + query_level + " CalledAE=" + called_ae,
        "",           // patient_id (not available from query keys here)
        outcome);
 
    send_audit(msg);
}

References audit_source_id_, kcenon::pacs::security::atna_audit_logger::build_query(), enabled_, send_audit(), kcenon::pacs::security::serious_failure, and kcenon::pacs::security::success.

Referenced by kcenon::pacs::services::query_scp::handle_message().

Here is the call graph for this function:

Here is the caller graph for this function:

audit_security_alert()

void kcenon::pacs::security::atna_service_auditor::audit_security_alert	(	const std::string &	user_id,
		const std::string &	alert_description )

Audit a Security Alert event (e.g., access denied)

Parameters

user_id	User identifier
alert_description	Description of the security alert

Definition at line 123 of file atna_service_auditor.cpp.

                                        {
 
    if (!enabled_.load(std::memory_order_relaxed)) {
        return;
    }
 
    auto msg = atna_audit_logger::build_security_alert(
        audit_source_id_,
        user_id,
        "",           // user IP (not available at this level)
        alert_description);
 
    send_audit(msg);
}

References audit_source_id_, kcenon::pacs::security::atna_audit_logger::build_security_alert(), enabled_, and send_audit().

Here is the call graph for this function:

audit_source_id()

const std::string & kcenon::pacs::security::atna_service_auditor::audit_source_id ( ) const

nodiscardnoexcept

Get the audit source identifier.

Definition at line 173 of file atna_service_auditor.cpp.

                                                                      {
    return audit_source_id_;
}

References audit_source_id_.

events_failed()

size_t kcenon::pacs::security::atna_service_auditor::events_failed ( ) const

nodiscardnoexcept

Get the number of audit event send failures.

Definition at line 160 of file atna_service_auditor.cpp.

                                                          {
    return events_failed_.load(std::memory_order_relaxed);
}

References events_failed_.

events_sent()

size_t kcenon::pacs::security::atna_service_auditor::events_sent ( ) const

nodiscardnoexcept

Get the number of audit events successfully sent.

Definition at line 156 of file atna_service_auditor.cpp.

                                                        {
    return events_sent_.load(std::memory_order_relaxed);
}

References events_sent_.

is_enabled()

bool kcenon::pacs::security::atna_service_auditor::is_enabled ( ) const

nodiscardnoexcept

Check if audit event emission is enabled.

Returns

true if enabled

Definition at line 148 of file atna_service_auditor.cpp.

                                                     {
    return enabled_.load(std::memory_order_relaxed);
}

References enabled_.

operator=() [1/2]

atna_service_auditor & kcenon::pacs::security::atna_service_auditor::operator= ( atna_service_auditor && other )

noexcept

Definition at line 28 of file atna_service_auditor.cpp.

                                           {
    if (this != &other) {
        audit_source_id_ = std::move(other.audit_source_id_);
        transport_ = std::move(other.transport_);
        enabled_.store(other.enabled_.load(std::memory_order_relaxed),
                       std::memory_order_relaxed);
        events_sent_.store(other.events_sent_.load(std::memory_order_relaxed),
                           std::memory_order_relaxed);
        events_failed_.store(
            other.events_failed_.load(std::memory_order_relaxed),
            std::memory_order_relaxed);
    }
    return *this;
}

References kcenon::pacs::security::other.

operator=() [2/2]

atna_service_auditor & kcenon::pacs::security::atna_service_auditor::operator= ( const atna_service_auditor & )

delete

reset_statistics()

void kcenon::pacs::security::atna_service_auditor::reset_statistics ( )

noexcept

Reset statistics counters.

Definition at line 164 of file atna_service_auditor.cpp.

                                                     {
    events_sent_.store(0, std::memory_order_relaxed);
    events_failed_.store(0, std::memory_order_relaxed);
}

References events_failed_, and events_sent_.

send_audit()

void kcenon::pacs::security::atna_service_auditor::send_audit ( const atna_audit_message & message )

private

Send an audit message via syslog transport.

Converts the message to XML and sends it. Updates statistics.

Parameters

message

The audit message to send

Definition at line 185 of file atna_service_auditor.cpp.

                                                                       {
    auto xml = atna_audit_logger::to_xml(message);
    auto result = transport_.send(xml);
 
    if (result.is_ok()) {
        events_sent_.fetch_add(1, std::memory_order_relaxed);
    } else {
        events_failed_.fetch_add(1, std::memory_order_relaxed);
    }
}

References events_failed_, events_sent_, kcenon::pacs::security::atna_syslog_transport::send(), kcenon::pacs::security::atna_audit_logger::to_xml(), and transport_.

Referenced by audit_authentication(), audit_instance_stored(), audit_query(), and audit_security_alert().

Here is the call graph for this function:

Here is the caller graph for this function:

set_enabled()

void kcenon::pacs::security::atna_service_auditor::set_enabled ( bool enabled )

noexcept

Enable or disable audit event emission.

When disabled, audit methods return immediately without generating or sending any messages. Useful for testing or low-resource environments.

Parameters

enabled

true to enable, false to disable

Definition at line 144 of file atna_service_auditor.cpp.

                                                            {
    enabled_.store(enabled, std::memory_order_relaxed);
}

transport()

const atna_syslog_transport & kcenon::pacs::security::atna_service_auditor::transport ( ) const

nodiscardnoexcept

Get the underlying transport (for advanced use)

Definition at line 177 of file atna_service_auditor.cpp.

                                                                            {
    return transport_;
}

References transport_.

Member Data Documentation

audit_source_id_

std::string kcenon::pacs::security::atna_service_auditor::audit_source_id_

private

Audit source identifier (e.g., "PACS_SYSTEM_01")

Definition at line 199 of file atna_service_auditor.h.

Referenced by audit_authentication(), audit_instance_stored(), audit_query(), audit_security_alert(), and audit_source_id().

enabled_

std::atomic<bool> kcenon::pacs::security::atna_service_auditor::enabled_ {true}

private

Whether audit is enabled.

Definition at line 205 of file atna_service_auditor.h.

{true};

Referenced by audit_authentication(), audit_instance_stored(), audit_query(), audit_security_alert(), and is_enabled().

events_failed_

std::atomic<size_t> kcenon::pacs::security::atna_service_auditor::events_failed_ {0}

private

Definition at line 209 of file atna_service_auditor.h.

{0};

Referenced by events_failed(), reset_statistics(), and send_audit().

events_sent_

std::atomic<size_t> kcenon::pacs::security::atna_service_auditor::events_sent_ {0}

private

Statistics.

Definition at line 208 of file atna_service_auditor.h.

{0};

Referenced by events_sent(), reset_statistics(), and send_audit().

transport_

atna_syslog_transport kcenon::pacs::security::atna_service_auditor::transport_

private

Syslog transport for sending audit messages.

Definition at line 202 of file atna_service_auditor.h.

Referenced by send_audit(), and transport().

---

The documentation for this class was generated from the following files:

• include/kcenon/pacs/security/atna_service_auditor.h
• src/security/atna_service_auditor.cpp